HttpRealIpModule
Contents |
[edit] Synopsis
This module allows to change the client's IP address to value from request header (e. g. X-Real-IP or X-Forwarded-For).
It is useful if nginx works behind some proxy of L7 load balancer, and the request comes from a local IP, but proxy add request header with client's IP.
This module isn't built by default, enable it with the configure option
--with-http_realip_module
Example:
set_real_ip_from 192.168.1.0/24; set_real_ip_from 192.168.2.1; real_ip_header X-Real-IP;
[edit] Directives
[edit] set_real_ip_from
syntax: set_real_ip_from [the address|CIDR|"unix:"]
default: none
context: http, server, location
This directive describes the trusted addresses, which transfer accurate address for the replacement. Since 0.8.22 Unix sockets can also be trusted.
[edit] real_ip_header
syntax: real_ip_header [X-Real-IP|X-Forwarded-For]
default: real_ip_header X-Real-IP
context: http, server, location
This directive sets the name of the header used for transferring the replacement IP address.
In case of X-Forwarded-For, this module uses the last ip in the X-Forwarded-For header for replacement.
